A contextual attribute-based access control model

Authors:
Michael J. Covington;Manoj R. Sastry
Affiliations:
Corporate Technology Group, Intel Corporation;Corporate Technology Group, Intel Corporation
Venue:
OTM'06 Proceedings of the 2006 international conference on On the Move to Meaningful Internet Systems: AWeSOMe, CAMS, COMINF, IS, KSinBIT, MIOS-CIAO, MONET - Volume Part II
Year:
2006

Citing 8
Cited 4

Role-Based Access Control Models

Computer
Role templates for content-based access control

RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Securing context-aware applications using environment roles

SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Generalized Role-Based Access Control

ICDCS '01 Proceedings of the The 21st International Conference on Distributed Computing Systems
Content-triggered trust negotiation

ACM Transactions on Information and System Security (TISSEC)
Context sensitive access control

Proceedings of the tenth ACM symposium on Access control models and technologies
Formal model and policy specification of usage control

ACM Transactions on Information and System Security (TISSEC)
Attribute-Based authentication model for dynamic mobile environments

SPC'06 Proceedings of the Third international conference on Security in Pervasive Computing

Trust and privacy in attribute based access control for collaboration environments

Proceedings of the 11th International Conference on Information Integration and Web-based Applications & Services
Enhancing the ArchiMate® standard with a responsibility modeling language for access rights management

Proceedings of the Fifth International Conference on Security of Information and Networks
RABAC: role-centric attribute-based access control

MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
An extended attribute based access control model with trust and privacy: Application to a collaborative crisis management system

Future Generation Computer Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

The emergence of ubiquitous mobile devices, such as MP3 players, cellular phones, PDAs, and laptops, has sparked the growth of rich, mobile applications Moreover, these applications are increasingly “aware” of the user and her surrounding environment Dynamic mobile environments are generating new requirements – such as allowing users to access real-time, customized services on-demand and with no prior registration – that are not currently addressed by existing approaches to authorization We investigate using contextual information present in the user's operating environment, such as a user's location, for defining an authorization policy More precisely, we have defined an access control model that uses contextual attributes to capture the dynamic properties of a mobile environment, including attributes associated with users, objects, transactions, and the environment Our Contextual Attribute-Based Access Control model lends itself more naturally to a mobile environment where subjects and objects are dynamic Our authorization model promotes the adoption of many revolutionary mobile applications by allowing for the specification of flexible access control policies.